-
Notifications
You must be signed in to change notification settings - Fork 10
/
main.yml
129 lines (109 loc) · 3.52 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
---
# defaults file for ansible-logstash
# Defines if logstash_config_dir should be cleared out
clear_logstash_config: false
# Defines if logstash should be configured
config_logstash: false
logstash_config_dir: /etc/logstash/conf.d
logstash_base_configs:
- 000_inputs
# - 001_filters
# comment out if metrics for logstash processing are not required
# good for keeping track of throughput...removed because of
# incompatabilities w/ES 2.x
# - 002_metrics
- 999_outputs
logstash_base_file_inputs:
[]
# - path: /var/log/nginx/access.log
# type: nginx-access
# - path: /var/log/nginx/error.log
# type: nginx-error
# - path: /var/log/mail.log
# type: postfix-log
# - path: /var/log/redis/redis-server.log
# type: redis-server
# Define inputs below to configure
logstash_base_inputs:
[]
# - prot: tcp
# # Gets around port < 1024 (Note...Configure clients to send
# # to 10514 instead of default 514)
# port: 10514
# type: syslog
# - prot: udp
# # Gets around port < 1024 (Note...Configure clients to send to 10514
# # instead of default 514)
# port: 10514
# type: syslog
# - type: beats
# port: 5044
# - type: redis
# batch_count: 1000
# host: "{{ logstash_server_fqdn }}"
# threads: 2
# - type: syslog
# # reminder....ports < 1024 require root access..
# port: 514
logstash_custom_inputs:
[]
# - input: someinput
# lines:
# - 'somekey => "value"'
logstash_custom_filters:
[]
# - lines:
# - 'somekey => "value"'
logstash_base_outputs:
[]
# - output: redis
# output_host: "{{ logstash_server_fqdn }}"
logstash_custom_outputs:
[]
# - output: someoutput
# lines:
# - 'somekey => "value"'
logstash_deb_repo: "{{ 'deb https://artifacts.elastic.co/packages/' ~ logstash_major_ver ~ '/apt stable main' }}"
logstash_folder: /opt/logstash
logstash_log_dir: /var/log/logstash
# Define major version to install
logstash_major_ver: 7.x
# Defines the miniumum amount of memory (in MB) required to effectively run Logstash
logstash_min_memory_required: 1024
# Define minor version to install also defines Pin priority on APT Preferences.d
logstash_minor_ver: 1:7.8.0-1
logstash_plugins:
[]
# - name: logstash-codec-nmap
# state: absent
# - name: logstash-filter-elasticsearch
# state: present
# - name: logstash-filter-json_encode
# state: present
# - name: logstash-filter-multiline
# state: absent
# - name: logstash-filter-translate
# state: present
# - name: logstash-filter-zeromq
# state: absent
# - name: logstash-input-beats
# state: present
# - name: logstash-output-email
# state: present
# - name: logstash-output-jira
# state: absent
# - name: logstash-output-slack
# state: absent
# https://github.com/elastic/logstash/issues/6528
logstash_plugin_cmd_vars: "JARS_SKIP='true'"
# Other examples:
# Options to work with proxy
# logstash_plugin_cmd_vars: "JARS_SKIP='true' JRUBY_OPTS='-J-Dhttps.proxyHost=user:[email protected] -J-Dhttps.proxyPort=8080 -J-Dhttp.proxyHost=user:[email protected] -J-Dhttp.proxyPort=8080'"
logstash_redhat_repo_url: "{{ 'https://artifacts.elastic.co/packages/' ~ logstash_major_ver ~ '/yum' }}"
logstash_repo_key: https://artifacts.elastic.co/GPG-KEY-elasticsearch
# Defines logstash server to send to...fqdn or localhost
logstash_server_fqdn: "logstash.{{ logstash_pri_domain_name }}"
logstash_pri_domain_name: example.org
logstash_install_java: true
# Defines the system groups the logstash user should be part of
logstash_system_groups: []